> * From: frits <[EMAIL PROTECTED]>
>allowed to include the applications in the firewall rules.
man iptables in etch still shows
owner
This module attempts to match various characteristics of the packet
creator, for locally-
generated packets.
besides,
grep -i owner /boot/config-2.6.*
/boot/config-2.6.18-nn:CONFIG_IP_NF_MATCH_OWNER=m
/boot/config-2.6.18-nn:CONFIG_IP6_NF_MATCH_OWNER=m
/boot/config-2.6.8-3-powerpc:CONFIG_IP_NF_MATCH_OWNER=m
so both sarge and etch should work with this (however, I do not use it)
>You might wonder why. Application running on wine should never connect
>anywhere,
for using untrusted applications it might be a good idea to use a
_specific_ user. For example, I have a specific user for e-mail, a
specific user for www, a specific user for ssh, all with a private group
and umask which permits the group to read and no else to write; each of
these users is only in its private group. My "regular" user which I use
to manipulate my locally created files (.tex .ly .denemo .mid .wav ...)
is on the contrary in special groups (audio, ...) and in the private
groups of the above users.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
